CVE-2023-54033

EPSS 0.03%
Veröffentlicht 24.12.2025 10:56:00
Zuletzt bearbeitet 29.12.2025 15:58:56
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps

The LRU and LRU_PERCPU maps allocate a new element on update before locking the
target hash table bucket. Right after that the maps try to lock the bucket.
If this fails, then maps return -EBUSY to the caller without releasing the
allocated element. This makes the element untracked: it doesn't belong to
either of free lists, and it doesn't belong to the hash table, so can't be
re-used; this eventually leads to the permanent -ENOMEM on LRU map updates,
which is unexpected. Fix this by returning the element to the local free list
if bucket locking fails.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 79ea1a12fb9a8275b6e19d4ca625dd872dedcbb9

Version 20b6cc34ea74b6a84599c1f8a70f3315b56a1883

Status affected

Version < 1a9e80f757bbb1562d82e350afce2bb2f712cc3d

Version 20b6cc34ea74b6a84599c1f8a70f3315b56a1883

Status affected

Version < 965e9cccbe6b9c7b379908cebcb5e3a47f20dd5e

Version 20b6cc34ea74b6a84599c1f8a70f3315b56a1883

Status affected

Version < b34ffb0c6d23583830f9327864b9c1f486003305

Version 20b6cc34ea74b6a84599c1f8a70f3315b56a1883

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.11

Status affected

Version < 5.11

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.115

Status unaffected

Version <= 6.1.*

Version 6.1.31

Status unaffected

Version <= 6.3.*

Version 6.3.5

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.064

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/79ea1a12fb9a8275b6e19d4ca625dd872dedcbb9

https://git.kernel.org/stable/c/1a9e80f757bbb1562d82e350afce2bb2f712cc3d

https://git.kernel.org/stable/c/965e9cccbe6b9c7b379908cebcb5e3a47f20dd5e

https://git.kernel.org/stable/c/b34ffb0c6d23583830f9327864b9c1f486003305

https://nvd.nist.gov/vuln/detail/CVE-2023-54033

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54033

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54033

EUVD